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« The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)S Responsive to communication(s) filed on 16 December 1999 . 
2a)D This action is FINAL. 2b)H This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 
Disposition of Claims 

4) H Claim(s) 1-23 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) M Claim(s) 1-23 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 16 December 1999 is/are: a)D accepted or b)|SI objected to by the Examiner. 

Applicant may not requestthat any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

1 1) D The proposed drawing correction filed on is: a)D approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)DAII b)D Some*c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 

Attachment(s) 

1 ) [X] Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) Paper No(s). . 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) O Notice of Informal Patent Application (PTO-152) 

3) H Information Disclosure Statement(s) (PTO-1449) Paper No(s) 2. 6) □ Other: 
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DETAILED ACTION 



Drawings 



1 . The drawings are objected to because figures are drawn by hand. A proposed 
drawing correction or corrected drawings are required in reply to the Office action to 
avoid abandonment of the application. The objection to the drawings will not be held in 
abeyance. 



2. The term "event of interest" in claims 1,9,14,15 and 18, is a relative term which 
renders the claim indefinite. The term "event of interest " is not defined by the claim, the 
specification does not provide a standard for ascertaining the requisite degree, and one 
of ordinary skill in the art would not be reasonably apprised of the scope of the 
invention. Claim language should clearly define the difference between the "notification 
event of interest" with the event of no interest. 



3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



Claim Rejections - 35 USC § 112 



Claim Rejections - 35 USC § 102 



Application/Control Number: 09/464,854 Page 3 

Art Unit: 2132 

4. Claims 1, 3 - 8, 22 and 23 are rejected under 35 U.S.C. 102(e) as being 
anticipated by OToole (U.S. Patent No. 6.279.112 B1). 

5. Referring to the instant claims, OToole discloses control transfer of information 
in computer networks (see abstract and Fig.1). 

OToole teaches that the client computer notifies the server computer (or the information 
source computer) that the access ticket was added to the access control list - see 
column 5, lines 23-30 and Fig 2, block 32. OToole teaches that client computer 200 
also stores a client security profile 208 that specifies that certain information in client 
personal profile 206 should be disclosed to server computer 202 only to trusted servers 
or only upon authorization from the client user or both. A client "avatar" 210 located at 
client computer 200 acts as an agent for the user by controlling the release of 
information from client personal profile 206 to server computer 202 (see Fig. 5). 

6. Referring to claim 1 , the limitation "determining that a user has made a security 
modification to a portion of the trusted computing installation" is met by adding the 
access ticket to the access control list of the channel object of the client computer (see 
Fig.1 and Fig. 2, block 30). The limitation "determining that the security modification is a 
notification event of interest" is met by sending the access ticket to notification server 
(see Fig. 2, block 30). The limitation "sending the central authority a notification of the 
security modification" is met by client computer notifying server computer that access 
ticket was added to access control list (see Fig. 2, block 32). 

7. Referring to claim 22, the limitation "a pluggable framework for receiving a set of 
notification objects..." is met by notification server (see block 16 in Fig. 2). 
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8. Referring to claim 3, the limitation "addition of a certificate in a certificate database" 
is met by the notification server adding the access ticket to the access control list (see 
column 5, lines 7-9). 

9. Referring to claims 5, 6 and 8 f it is inherent to send notifications in the form of 
Simple Network Management Protocol (SNMP) alerts or in the form of an e-mail 
messages or screen messages. 

10. Referring to claim 7, OToole teaches recording in clients interest in the database 
(see column 5, lines 27-30). 

Claim Rejections - 35 USC § 103 

1 1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

12. Claims9-11, 13, 14, 15-21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over OToole (U.S. Patent No. 6.279.1 12 B1) in view of INT BUSINESS 
MACHINE CORP (RD 414099A). 

1 3. Referring to the instant claims, OToole discloses control transfer of information in 
computer networks (see abstract and Fig.1). OToole teaches that the client computer 
notifies the server computer (or the information source computer) that the access ticket 
was added to the access control list - see column 5, lines 23-30 and Fig 2 , block 32. 
OToole teaches that client computer 200 also stores a client security profile 208 that 
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specifies that certain information in client personal profile 206 should be disclosed to 
server computer 202 only to trusted servers or only upon authorization from the client 
user or both. The limitation "determining that a user has made a security modification to 
a portion of the trusted computing installation" is met by adding the access ticket to the 
access control list of the channel object of the client computer (see Fig.1 and Fig. 2, 
block 30). The limitation "determining that the security modification is a notification event 
of interest" is met by sending the access ticket to notification server (see Fig. 2, block 
30). The limitation "sending the central authority a notification of the security 
modification" is met by client computer notifying server computer that access ticket was 
added to access control list (see Fig. 2, block 32). OToole, however, does not teach or 
suggest the use of a security notification manager class. 

14. Referring to the instant claims, INT BUSINESS MACHINE CORP (hereinafter 
IBMC) discloses a security environment for evaluating and executing Java applications 
(see abstract). IBMC teaches that the settings for each of the operation checks are 
defined by the JAVA security manager class (see page 2, basic-abstract). Therefore, at 
the time the invention was made it would have been obvious to one of ordinary skill in 
the art to determine that a security modification has been made to the computing 
installation of OToole and invoke a JAVA security manager class as taught in IBMC. 
One of ordinary skill in the art would have been motivated to determine that a security 
modification has been made to the computing installation and invoke a JAVA security 
manager class as taught in IBMC for defining the settings of the operation to be 
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performed (see IBMC, page 2, basic abstract). The limitation" instantiating the security 
manager class" is met by parameters required for the application (see abstract). 

15. Referring to claims 10,16 and 23, it is notoriously well known in the art to use 
notifications in the form of Simple Network Management Protocol (SNMP) alerts or in 
the form of an e-mail messages or screen messages. 

16. Referring to claim 18, the limitation "invoking an abstract Java class" is met by 
IBMC disclosure, teaching the use of the JAVA security manager class (see page 2, 
basic-abstract). 

17. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over OToole 
(U.S. Patent No. 6.279.112 B1) in view of Renaud (U.S. Patent No. 5.958.051). 

1 8. Referring to claim 2, OToole teaches sending the central authority a notification 
of the security modification made on the client computer. OToole, however does not 
explicitly teach the notification in the form of applet signature. Renaud discloses 
implementing digital signatures for data streams (see abstract). Renaud teaches 
computer-implemented method for verifying the authenticity of data wherein when the 
data file comprises an applet, and when the signature is not verified, the method 
includes determining whether an unsigned data file is acceptable for execution on the 
computer, and terminating the applet if an unsigned data file is not acceptable for 
execution on said computer (see Fig. 6 and column 17, lines 3-9). Therefore, at the time 
the invention was made it would have been obvious to one of ordinary skill in the art to 
send the notification of the security modification to the central authority of OToole in the 
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form of failed applet signature as taught in Renaud. One of ordinary skill in the art would 
have been motivated to send the notification of the security modification to the central 
authority in the form of failed applet signature as taught in Renaud for determining 
whether to allow or disallow applet action (see Renaud, Fig 6, blocks 618 and 620). 

19. Claim 12 is rejected under 35 U.S.C. 103(a) as being unpatentable over OToole 
(U.S. Patent No. 6.279.112 B1) in view of INT BUSINESS MACHINE CORP (RD 
414099A) and further in view of Renaud (U.S. Patent No. 5.958.051). 

20. Referring to claim 12, OToole and IBMC teach determining that user has made a 
security modification to a portion of computing installation and sending the notification to 
the central authority. OToole and IBMC, however do not teach the use of applet 
signature verification routine for determining the security modification. Renaud teaches 
computer-implemented method for verifying the authenticity of data wherein when the 
data file comprises an applet, and when the signature is not verified, the method 
includes determining whether an unsigned data file is acceptable for execution on the 
computer, and terminating the applet if an unsigned data file is not acceptable for 
execution on said computer (see Fig. 6 and column 17, lines 3-9). Renaud shows applet 
signature verification routine (see Fig.6, block 606). Therefore, at the time the invention 
was made it would have been obvious to one of ordinary skill in the art to determine 
that user has made a security modification to a portion of computing installation of 
OToole and IBMC by running the applet signature verification routine as taught in 
Renaud. One of ordinary skill in the art would have been motivated to determine that 
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user has made a security modification to a portion of computing installation by running 
the applet signature verification routine as taught in Renaud for accepting the signed 
stream or stopping the applet (see Renaud, Fig. 6 blocks 624-625). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Grigory Gurshman whose telephone number is (703) 
306-2900. The examiner can normally be reached on 9 AM-5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (703) 305-1830. The fax phone number 
for the organization where this application or proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the TC 2100 receptionist whose telephone number is 
(703) 305-3900. 




Grigory Gurshman 

Examiner 

Art Unit 2132 
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